How the Symantec Endpoint Protection (SEP) clients check for the integrity of the files when receiving LiveUpdate content from Live Update Administrator (LUA) or Symantec Endpoint Protection Manager (SEPM).
Use Case: In case the LUA \SEPM server is attacked and the definition file in the path is altered to another infected file.
Applicable to all SEP versions
The client does the integrity check for the live update content files received from LUA \ SEPM using the the Livetri.zip archive that gets downloaded as part of receiving live update content from LUA .
Livetri.zip archive contains the following files: